SentinelOne Singularity Cloud Security Reviews

We use PingSafe as our CSPM. Integrated with our environment, PingSafe scans for vulnerabilities and recommends remediation.

We implemented PingSafe to monitor our cloud security for vulnerabilities in the configuration.

PingSafe is easy to use.

The evidence-based reporting provides details of the vulnerability and the steps we need to take to resolve it.

The PingSafe scanning engine provides valuable evidence by identifying and reporting vulnerabilities that could be attacker targets. This evidence of exploitability is crucial because it allows us to prioritize and patch vulnerabilities effectively. Without this information, we might not be able to address critical vulnerabilities promptly.

Thanks to PingSafe, our security posture has improved significantly. Our team has been able to effectively address all critical and high vulnerabilities identified by the platform.

PingSafe has improved our mean time to detection. Without a CSPM tool, we would not be able to identify vulnerabilities.

PingSafe facilitated collaboration between our cloud security, application development, and AppSec teams. The evidence provided by PingSafe streamlines collaboration and vulnerability resolution across these teams.

The collaboration has saved engineering time by up to 40 percent.

PingSafe's improved compliance monitoring capabilities have helped us achieve a more secure posture.

All the features we use are equal and get the job done.

We encountered issues with some of the configured security rules. The vulnerability recommendations provided by PingSafe were inaccurate. In some cases, the rules are strictly enforced but do not align with real-world use cases. To address this, I recommend revising the security rule definitions to better reflect practical scenarios and provide clearer explanations.

We encountered a problem with PingSafe. They required a broad security policy, but we requested that they implement least privileged access and grant fewer permissions than they initially required. It took them over six months to respond to our request.

I have been using PingSafe for 1.5 years.

I would rate the stability of PingSafe 8 out of 10.

I would rate the scalability of PingSafe 9 out of 10.

The technical support teams' response time was good but they were lacking a deep understanding of the different environments which caused delays in resolving our issues. 

Neutral

The initial deployment was straightforward and took 2 days to complete.

Two people from our team were involved in the deployment.

I would rate PingSafe 7 out of 10.

Four people in our organization utilize PingSafe.

No maintenance is required from our end.

I recommend PingSafe to others for CSPM. 

We use the solution for security and monitoring. It helps maintain compliance standards. Multiple policies can be mapped and evaluated and alerts can trigger your attention.

We're using multiple cloud environments and multiple providers, such as AWS, Azure, GCP, and Postgres. It helps us manage multi-cloud security.

The UI is very good. The solution offers very good adaptability.

Its ease of use is pretty good. After using it for nine months, I'm pretty comfortable with it.

The evidence-based reporting helps us prioritize and solve issues. This is a feature that is missing from most platforms.

We use agentless vulnerability scanning. It's a good aspect of the product.

The proof of exploitability and evidence-based reporting are excellent. They gave me a detailed idea of what was exposed. 

We use the infrastructure as code scanning. It really helps manage the policies, which I have been working on. 

The compliance capabilities are helping me most of all. The reports and alerts we get help manage everything and act on issues.

We've reduced the number of false positives we receive by 35% or so.

We've reduced our time to detect by about 20%.

It does take time to remediate, however, we've saved time in terms of time to remediate since we get more details around alerts and can go in and look and solve issues. We've reduced our mean time to remediation by about 30% to 35%.

It can be complex to use at the outset. 

They could have better support. We've had support issues in the past. They need more experienced support personnel. 

I've been using the solution for 8 to 9 months.

The stability is okay, however, it needs more maturity. 

We have 2 to 3 users on the solution currently. We have it in one location right now. 

The scalability depends on the integration.

Technical support has room for improvement. 

Neutral

We did previously use a different solution. We used Prisma. It did offer good pricing and good scalability.

The initial setup only took about 1 week. I was not directly involved in the customer onboarding process. 

The solution does not require any maintenance. 

We see an ROI in the fact that we can better map our best practices. From a security perspective, we're saving around 30% to 40% and we're able to implement more best practices.

The pricing is pretty good. It's comparable to or better than others on the market.

I'm a partner.

The solution is cost-efficient, yet it needs more support accessibility. However, I would recommend this solution to others. I'd rate the product 5 out of 10 overall. 

Cloud Native Security is a CSPM platform we use for cloud security. It checks for vulnerabilities in our web applications and cloud configurations. It also detects infrastructure-as-code issues. Additionally, it scans to find secrets in our code before it goes live. 

Cloud Native Security identifies vulnerabilities before any bad actor can exploit them. We know if there's a misconfiguration in the cloud or vulnerabilities in our cloud-hosted applications. Kubernetes security is also a component. It also has multiple benchmarks for compliance with security regulations.

Since implementing Cloud Native Security, our risk posture has greatly improved. We are more compliant now. It has built-in compliance benchmarks for various regulatory standards. We were around 60 percent compliant when we started, and now we're at more than 95 percent. 

Cloud Native Security has reduced our mean detection time by continuously scanning and sorting issues into high, medium, and low priority. We can easily detect things before the wrong person finds them. The solution reduces our remediation time, but it varies depending on the team. We address critical issues immediately. Cloud Native Security's rescan capability is good because we can rescan in a few minutes to know whether the issue has been fixed. 

Cloud Native Security enables more collaboration between the security team and developers. The solution allows everyone to view the dashboard, so we can integrate more users and project teams. Everyone can look at the Cloud Native Security dashboard and see which issues are in their repositories or buckets. It's easier for everyone to work together to address issues. 

It saves a lot of time because we would need to look for secrets manually without Cloud Native Security. Searching for cloud misconfiguration issues is also time-consuming and hard to do correctly because our infrastructure is huge. It's inconvenient for the security team to check manually and do penetration testing of every component

When we initially integrated Cloud Native Security, we used to get some false positives, but it was manageable. Now, I rarely see any false positives because Cloud Native Security has improved its tool. We've given them a lot of feedback to help them differentiate between false positives and hits. It was a lot of manual work, but that has gotten better. 

Cloud Native Security is user-friendly. Everything in Cloud Native Security is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features. Recently, they added evidence-based reporting abilities. It tells us exactly where the issue is and gives us links to the endpoint and screenshots.

It allows us to scan for vulnerabilities and rate limits without deploying agents. Cloud Native Security allows us to set those values according to our server capabilities and preferences. We can also decide how many cluster images to scan.

The infrastructure-as-code feature is helpful for discovering open ports in some of the modules. It will tell us precisely where the port is open, including the repository and source code. Thus, we know that a port is open on that particular line. After integrating Cloud Native Security into our organization's system, we identified many thousands of secrets that are pushed into the source code.

We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization. 

The offensive security engine is pretty good, but I can't say it's complete. I rate it seven out of ten. Cloud Native Security's specialty is cloud security, so the offensive security does lack a few things. We cannot rip reports like Tenable, Qualys, and all those vulnerability scanners, but it identifies some sensitive issues like exposed APIs. Some other issues are not identified, like access, but it does detect sensitive information exposure. 

We have used Cloud Native Security for two or three years. 

I haven't had any issues with Cloud Native Security's stability. However, we once saw a spike in CPU consumption when they implemented a new feature.  We contacted Cloud Native Security, and they addressed it in a day. 

Cloud Native Security is highly scalable. 

I rate Cloud Native Security support nine out of ten. Their tech support is excellent. We have a dedicated person that we can contact directly. They recently introduced a new tool where we can chat with support directly from within the tool. 

Positive

Cloud Native Security is a SaaS solution, and the onboarding is straightforward. They have a good knowledge base, and it's easy to integrate it. You can get it up and running in under a day or two.

Cloud Native Security does offer ROI. We have used Cloud Native Security for more than three years, and we are stoked about the value the solution offers to our organization. 

Cloud Native Security doesn't cost much, so it's worth what you're paying, and the ROI is excellent. 

I rate Cloud Native Security nine out of ten. I would recommend it because many of the solutions that provide capabilities like secret scanning, cloud configurations, and offensive security charge by module, and the costs are pretty high. Cloud Native Security is more cost-effective, so I would recommend it. Also, the amount of issues Cloud Native Security detects is good.

We leverage PingSafe for cloud security posture management, which continuously monitors our cloud configuration for vulnerabilities. When PingSafe detects an issue, we prioritize the alert from our cloud-native security solution and route it directly to the DevOps team for remediation.

We have PingSafe deployed on AWS, Azure, and GCP.

PingSafe has significantly reduced the number of false positives in our cloud-native security environment from 30 percent down to five percent. This is especially helpful since we receive notifications and alerts from various sources like AWS and Cloudflare, all with their own security policies. With PingSafe, I feel confident that these alerts are accurate, reducing the workload on our security team and giving us peace of mind for the past two years.

The threat detection capabilities have improved our overall security by safeguarding our cloud data transfers, and protecting both incoming and outgoing files.

With a large number of domains under our management, PingSafe's incident response feature is crucial for identifying and swiftly addressing any data corruption issues that may arise within them.

PingSafe has a user-friendly interface, making it a breeze to learn the fundamentals and navigate the dashboard.

Our Infrastructure as Code effectively identifies potential problems in templates and configuration files during the preproduction phase. This information is then relayed to our support team who can address these issues proactively.

Before implementing PingSafe, our cloud security was inadequate, resulting in inaccurate data visibility. To ensure complete data encryption and client invisibility, we adopted PingSafe, which successfully secured our cloud environment.

Reducing false positives has strengthened our security posture. While we transitioned from Prisma Cloud to PingSafe for our GCP and AWS environments, Prisma offered more advanced features. However, PingSafe prioritizes customer requests, addressing security needs faster than Prisma's release cycle, ultimately improving our security efficiency.

PingSafe has strengthened our risk posture by implementing access controls to ensure only authorized personnel can reach our data, and by safeguarding it to minimize security risks.

PingSafe has reduced our mean time to detection by 15 percent.

The implementation of PingSafe has improved collaboration between our cloud security application developers and AppSec teams. By granting those teams write access, PingSafe streamlines interaction and fosters a more efficient working environment.

Our engineering time has been saved thanks to the visibility that PingSafe provides.

The visibility PingSafe provides into the Cloud environment is a valuable feature.

The user interface is well-designed and easy to use, and retrieving data is smooth and effortless. 

PingSafe's cloud filtering has a limitation: implementing single sign-on requires a pre-class account feature, which is currently not available.

I have been using PingSafe for one year.

I would rate the stability of PingSafe seven out of ten. It is stable when it comes to securing our data.

I would rate the scalability of PingSafe eight out of ten. We have scaled many times.

The technical support team is both responsive and efficient, promptly resolving our issues.

Positive

While Prisma Cloud initially managed our cloud security, their slow feature implementation ultimately led us to switch to PingSafe. PingSafe's responsiveness in delivering the features we need has been a major improvement. Also, the visibility and dashboard of PingSafe are superior.

The deployment of PingSafe spanned several weeks as each cloud platform we deployed it on required one to two weeks for the process to complete.

PingSafe is affordable.

I would rate PingSafe seven out of ten.

We have around 20,000 users and have PingSafe deployed in multiple locations.

While PingSafe does require maintenance, our engineering team prioritizes keeping it up-to-date to ensure the accuracy and security of the data that underpins our cloud security posture.

I recommend PingSafe to others.

We use the tool for cloud security management. We check the vulnerabilities in the cloud during the configuration phase using PingSafe. We check how many cloud assets are being covered and how many issues have been identified from multiple cloud assets. We check different types of issues. We look into cloud network configuration, Offensive Security, Kubernetes security, and vulnerabilities. We also use the ThreatWatch option to check for active attacks happening worldwide. We can also check compliance, analytics, and asset inventory. We use the tool in multiple locations.

Without the product, we cannot know the configurations and the issues that are present in the cloud assets. PingSafe helps us to know such details easily. It guides us and shows the flaws or vulnerabilities present in the cloud assets. It also provides good remediation processes with screenshots. It is easy to tackle and remediate the issues present in the cloud assets.

The solution provides detailed visibility into the security state of the assets and workloads across all the platforms. The remediation process is good. It clearly provides every step required in the resolution with screenshot links. I like it very much. The product helps us identify the misconfigurations and flaws present in our organization. We meet with the concerned teams and resolve the issues. It helps us a lot by finding all the issues in the cloud assets.

We use the solution's agentless vulnerability scanning. There are different categories in the product. It is useful for us that PingSafe includes proof of exploitability in its evidence-based reporting. It is required for every company that uses clouds. PingSafe has helped reduce the number of false positives we deal with. Most of the time, we do not get false positives. It is usually below 10%.

The product has improved our risk posture by 50%. We can detect vulnerabilities faster. PingSafe has sped up the process by 80% to 90%. PingSafe provides us with the remediation process. It has reduced the mean time to remediate. Without the tool, we wouldn't know the process to remediate. We can get some things on Google, but the product provides the exact process we need to follow. The solution improves the mean time to remediate by 70%. It is a very helpful tool for remediation.

PingSafe is a collaborative tool. It is very easy to use. Anyone can easily use it. We can easily check the flaws and collaborate with other teams. PingSafe has helped us save engineering time by 50%. We use other tools for compliance. We have endpoint security solutions and antivirus products for normal assets. Similarly, we need a tool for the cloud assets. I will recommend PingSafe to everyone who uses the cloud.

Under the containers section, we have a cluster. It is a link between the organization and PingSafe. We don't get any notifications from PingSafe when the clusters are down. The PingSafe database doesn't receive any updates. It doesn't trigger any alerts. We must check things manually. It must be improved in future releases. If notifications are available, then it will be more helpful, easy, and time-saving. We can easily contact the team, check why the cluster is down, and restart things.

I have been using the solution for one and a half years.

The solution is stable. I rate the stability an eight out of ten.

We have eight users in our organization. The solution does not need any maintenance. I rate the scalability a nine out of ten.

The technical support is good. The team responds within 24 hours and resolves all the issues we raise. The team also arranges monthly meetings for updates. The support team educates us about the upcoming updates in the tool. The team helps us if an individual or a team has issues with PingSafe. The support people also help us with the remediation process if we are stuck at any stage.

Positive

The tool is deployed on the cloud. The deployment can be done in a day. One or two people from our organization and two to three people from the development team of PingSafe were involved in the deployment. The solution was easy to deploy. It was not complicated.

The product has saved us time, money, and resources. We have saved 80% of time, 20% of resources, and 80% of money.

The tool is cost-effective. It is neither cheap nor expensive.

The tool is easy to use. Compared to other products, PingSafe is the most easy to use. There are different severity categories, such as critical, high, medium, and low. We get notifications for critical things. Critical issues have the highest priority. The ability to prioritize the issues is helpful for us.

Overall, I rate the product an eight out of ten.

We use the solution for security purposes. We deploy it into our infrastructure in the cloud. We want to make sure that all everything is secure, for example,if APIs are getting accessed, that it's by the right people. It's a security hub for us.

The solution is very good at tracing issues. 

The dashboard is quite helpful. It's easy to use. The product is flexible and can be used in multi-cloud setups.

It's an easy solution for a beginner. 

We've taken advantage of the reporting, which is quite good. It provides us with all the information we need. They have proof of exploitability capabilities, which is important to use. 

The solution has agentless vulnerability scanning, which we use. You can look at extra ports. It's a great feature. 

Its infrastructure of code scanning is useful. I can see it in the container configuration file. It's good for identifying preproduction issues in the container configuration files. It's working well. However, it's not dynamic. It's static.

We were able to witness the benefits after some time had passed. Within a month or two had passed, we began to really witness change. Previously, we were running blind, and now we can see where things might go wrong. 

Our risk posture has improved. Both time to detect and time to remediate have improved.

It's positively affected the communication between cloud security, application developers, and AppSec teams. 

They could have more comprehensive reporting. I'd like to see more details. 

We've found a lot of false positives. It has not helped us reduce our level of false positives. 

We'd like them to work on integration between networks. If I deployed the solution with another layer of security, they can't talk to each other. PinGSafe basically needs to integrate with more tools, especially on the security side. 

I've used the solution for 1.5-2 years. 

The stability is good. I haven't noticed any lagging or crashing. 

The solution can scale fast. The dependency is on the API side, however. 

I've contacted technical support in the past. The quality is good. However, sometimes their staff don't know the details. The speed of response is good.

Positive

I have used other solutions, including Prisma and Datadog. 

I was involved in the initial deployment of PingSafe. It was very easy to implement. We had two to three people working on the set up process. 

There is no maintenance needed for the solution once it is up and running. 

I'm a PingSafe customer. 

I'd rate the solution 8 out of 10. If someone is looking for a CPSM tool, they should look into PingSafe's capabilities to see if they match what a company needs. 

We mainly use PingSafe for cloud security. 

We like that it is cloud-native security. It gives us an overview of all cloud structures. For example, if I'm integrating with AWS or Azure and I'm not sure of all of the instances, it will scan the whole cloud and show us issues related to instances. It can help us uncover vulnerabilities. 

Of all the features we use, the cloud configuration and the offensive security engine are the most used. There is a secret scanning feature that I really like. It scans the public repositories, private repositories, and developer repositories. That way, we can see if any secret is added to the search engine or anywhere over the Internet. It detects this and then lets us know to which repository it was added. We can get it removed if we need to from repositories like GitHub.

The solution is good for verifying actual exploit paths. It helps us detect whether all the instances that are publicly available can be made private. We can see if anything is suspicious or harmful to us in the future or if any technical exploit has a specific port or something like that. If there is any vulnerability, such as if our Microsoft version is publicly exposed or if it is an older version, we can disable it, or we can upgrade to get the latest version of iOS to avoid exploitation.

The solution is easy to use. The interface is nice. Anyone can spend a day or two with the solution and they'll be able to understand the whole structure of the application, its features, and how to use it. 

The integration with other solutions is very good. We integrate it with Jira and it runs smoothly. There are also default integrations for various clouds, like Google and Azure. We can also get alerts in various ways, like through Jira or email.

The evidence-based reporting is useful. It provides evidence according to the issue. We get a proper overview of the issue. I can check the evidence panel to see if the issue is genuine or a false positive by looking at the evidence. 

We noted immediate benefits from using the solution. Within about a month, we had it integrated with Jira, and connected to all accounts and were able to easily find issues. 

With PingSafe, we are 96% to 97% compliant. It helps us judge and, as necessary, mitigate risks. 

We've noticed a drop in false positives. I haven't noticed any false positives in PingSafe, to be frank. Unless it's a glitch in the system, everything coming in is a positive.

Our mean time to detect has been reduced. 

It's helped us collaborate effectively between cloud security application developers and AppSec teams. Having a vulnerability management module gives good visibility to vulnerabilities that are highly exploitable. We can see exactly what's vulnerable or affected in order to troubleshoot.

We'd like the integration with Jira to be stronger in some areas. For example, we'd like to be able to create multiple tickets for multiple instances. Right now, we can only create one ticket and cannot be specific enough. There's no way to create multiple tickets. It's very difficult to assign multiple teams the same Jira ticket.

Scanning capabilities should be added for the dark web.

I've used the solution for the last two years. 

The stability is good. There's no lagging or crashing. There may be a downtime once a quarter. 

We haven't had any issues with scaling. 

Technical support is very good. We do have a monthly call with PingSafe whereby we run through and resolve any issues. They typically answer our queries within 24 hours. The team is good. They seem technical. 

Positive

This is the first cloud security tool we've used. 

The initial deployment was easy. The PingSafe team was very helpful. If we needed any help they were there to guide us. There's even a step-by-step guide. 

We had a member of the DevOps team provide us with all of the credentials and give permissions and another security team member to communicate to the PingSafe team in order to arrange all of the integrations. 

The tool is very efficient. There is no maintenance needed. 

We did not need any assistance from a reseller or consultant. 

While my understanding is there will be a price increase, so far, the pricing has been okay.

We evaluated Prisma Cloud and Crowd Strike. We used Crowd Strike for a while; however, now we are only using PingSafe. PingSafe is very good. It offers multiple modules, and no other tool provides vulnerability scanning, secret scanning, and container cloud security in one dashboard. 

We are a PingSafe customer. 

I'd rate the solution 9 out of 10. Overall, the tool is good. 

New users should be ready for a lot of issues that will come onto their dashboard. They'll need a team of three to four at the outset to analyze the dashboard and work through reported vulnerabilities. 

We are a security-based company. We use PingSafe to put our data planes on it. We have a cloud setup, and we have integrated PingSafe into our environment. It checks for any audit or security-related issues.

By implementing PingSafe, we wanted a centralized solution. We have many AWS accounts to manage, so we wanted a single dashboard with analytics. We wanted to be able to view and monitor everything at once. We also wanted to customize the rules on which we wanted the alerts to be set up. PingSafe was a better option for our use case.

We have multiple rules set up on PingSafe for things that we want to monitor. We have set up something for restricted access for SSH, and then we have access to the EC2 instances. If any of the rules are broken or if there is a bad actor, we get notified quickly. It also helps with the audit and keeping the infrastructure clean.

PingSafe includes proof of exploitability in its evidence-based reporting. This is quite important for us because we are a security-based company. We want to tag each and every alert correctly. We also need to provide RCA to the customers. PingSafe forms a very good basic layer for things that are happening in the infrastructure. The reports that it gives are also nice. It gives us information about the impact and other things. It helps us.

Its setup is good. It also depends on how finely you want to set it up. It depends on the rules you set, the thresholds you set, and how quickly you act on things. We did not want PingSafe to act on things, so we went for a basic setup without any auto-remediation. We act on the issues. It provides us with a basic layer of security.

Previously, we used to find issues from the AWS console and the AWS logs, but because we had multiple AWS accounts, finding out the issues was a bit of a pain point for us. We had to go inside 30 to 40 AWS accounts to find out the capabilities. We had to write our own automation scripts to find the full logs. We wanted a solution that gave us a centralized place to put all the issues that we were facing based on security concerns. With PingSafe, we found a centralized solution. It was easy for us to get the data of 30 to 40 clusters in a single dashboard. It was pretty nice to have that. The UI seems a bit confusing initially, but once you start using it, it becomes more intuitive.

There is a team that is working on setting it up on ISE. So far, with just a vanilla setup, it is doing its job, and we are happy with it.

There are a few false positives, but we want them to be there. We do not want to miss out on something. We want everything to be monitored. It does not matter to us if it is a false positive. At the end of the day, the cost that we would pay by ignoring a true positive thinking it is a false positive would be much higher than going through false positives and marking them as false positives.

For every module and everything that we do on our AWS clusters, we evaluate the risk individually, and then PingSafe forms an extra layer of security on top of the personal checks that we do. It is like a shield for us. It helps us a lot.

PingSafe has reduced the mean time to detect issues by a lot. Earlier, it was a very manual process to detect errors. There was not a single place where we could look into all the alerts. They were all scattered. PingSafe unified that. With PingSafe, once the alert is detected, we can just look into it directly. We can go into a specific cluster, resolve the issues, and mark it as resolved. There is a 45% to 50% reduction in the mean time to detect.

Our mean time to remediate remains the same because we have manual remediation. There is no change in that. The main issue for us was to be able to detect issues, and PingSafe solved that for us, but because remediation is taken care of by us manually, the mean time to remediate remains the same.

PingSafe is continuously monitored by the customer success engineering team and the security team. These people contact the infrastructure team. The application team is not involved because we mostly monitor the infrastructure side. That is the AWS side. It helps us with better collaboration. When the time zones change, we do not have to give a lot of context or change information across different time zones to different people. They can go into the console, see the issue, and continue to work on it.

Earlier, if there was a security issue, it had to be handed over to people in different time zones. Because we are a global company, we have on-calls and other things. Earlier, it used to be a big process. We had to write down the whole documentation of what happened, where we were seeing the issue, and whether it was resolved or not. We had to provide the complete information on that single issue. Things are simpler now because people can just log into it and see what is in the pending state and which security vulnerabilities we are still facing. A person in a different time zone can just log into the PingSafe console and start remediating the issue.

The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform. The integration is quite easy. It took around 15 minutes for the whole stack to set up. It was very easy to set up. That was one of the best things.

The custom rules are also valuable. We can set up our own thresholds on the rules. We can have a granular setup for the rules. We can also scan for specific ports and specific AWS modules. The granularity of rules is good. 

In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier. Initially, I had problems finding a few things and creating the policies. It was a bit difficult for me, but after going through the documentation, it got easier.

I was checking the IaC checks that they have, and they can add something for auto-remediating IaC. They can integrate something that will help auto-remediate on IaC and make needed changes to the code. They can also integrate something like CoPilot.

Other than that, I do not have any input. They have covered quite a bit. They are doing a good job. The features are good for what we are using it for right now.

I have been using PingSafe for 3 to 4 months.

Its stability is good. We do not have a high volume. It is doing well for the scale that we have. I would rate it a 9 out of 10 for stability.

Its scalability is good. I would rate it an 8 out of 10 for scalability. It meets our requirements. PingSafe does the very basic job of collecting the CloudWatch logs, keeping them in a centralized place, and looking for errors. We have scaled it across all of our AWS accounts, and it is doing well. I do not see any issues coming in the future as well.

PingSafe is being used by our infrastructure team. There are 15 to 20 people who keep a check.

Their support was good. I would rate them an 8 out of 10.

Positive

We did not have anything like PingSafe before.

The initial setup was straightforward. It only took about 15 minutes.

We initially had issues handling the setup. We were doing it slightly wrong. We ran it multiple times which messed up the setup. We got PingSafe folks on the call. PingSafe people assisted us with it, and it was very quick once they were on the call.

We are on the cloud. We have different AWS clusters, and we have onboarded AWS clusters to it. There is a single dashboard for us. We have not integrated it with anything else. PingSafe is a separate system running, and we have not integrated it with anything. Being a security company, we are directly adding third-party solutions to our stack. 

PingSafe does not require any maintenance from our side. It was a one-time installation, and since then, we have not had any issues with it.

Based on the things that we have tested, it does a pretty good job of alerting and reporting. If you have a highly scaled environment with 50 to 60 AWS clusters and you are looking for a tool that simplifies getting security logs, PingSafe is the perfect solution. It does the job. I would recommend PingSafe to others.

PingSafe has an auto-remediation feature, but we are not using that because we have to give a lot of access to PingSafe for that. We are not willing to do so. That is why we do not use the auto-remediation offered by PingSafe. We just get the alerts, and then we act on them. We also do not use agentless vulnerability scanning, IaC scanning, and PingSafe's Offensive Security Engine.

Overall, I would rate PingSafe an 8 out of 10.